<?xml version="1.0" encoding="UTF-8"?>
<!--
~ /*
~ * JBoss, Home of Professional Open Source.
~ * Copyright 2012, Red Hat, Inc., and individual contributors
~ * as indicated by the @author tags. See the copyright.txt file in the
~ * distribution for a full listing of individual contributors.
~ *
~ * This is free software; you can redistribute it and/or modify it
~ * under the terms of the GNU Lesser General Public License as
~ * published by the Free Software Foundation; either version 2.1 of
~ * the License, or (at your option) any later version.
~ *
~ * This software is distributed in the hope that it will be useful,
~ * but WITHOUT ANY WARRANTY; without even the implied warranty of
~ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ * Lesser General Public License for more details.
~ *
~ * You should have received a copy of the GNU Lesser General Public
~ * License along with this software; if not, write to the Free
~ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
~ */
-->
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
targetNamespace="urn:jboss:domain:web:1.4"
xmlns="urn:jboss:domain:web:1.4"
elementFormDefault="qualified"
attributeFormDefault="unqualified"
version="1.4">
<!-- The web subsystem root element -->
<xs:element name="subsystem" type="web-containerType" />
<!-- The web container configuration -->
<xs:complexType name="web-containerType">
<xs:annotation>
<xs:documentation>
<![CDATA[
The web subsystem, used to configure jboss.web
]]>
</xs:documentation>
</xs:annotation>
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="1" name="configuration" type="webConfigType" />
<xs:element maxOccurs="unbounded" ref="connector" />
<xs:element maxOccurs="unbounded" ref="virtual-server" />
<xs:element minOccurs="0" maxOccurs="unbounded" ref="valve" />
</xs:sequence>
<xs:attribute name="default-virtual-server"/>
<xs:attribute name="instance-id"/>
<xs:attribute name="native" default="true" type="xs:boolean"/>
</xs:complexType>
<xs:complexType name="webConfigType">
<xs:sequence>
<xs:element name="static-resources" minOccurs="0" maxOccurs="1" type="static-resourcesType">
<xs:annotation>
<xs:documentation>
<![CDATA[
A default service for all web applications, that serves static resources.
It processes all requests that are not mapped to other servlets with servlet mappings.
]]>
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="jsp-configuration" minOccurs="0" maxOccurs="1" type="jsp-configurationType" />
<!--
<xs:element minOccurs="0" maxOccurs="1" name="csrf"/>
<xs:element minOccurs="0" maxOccurs="1" name="webdav-fix"/>
-->
<xs:element name="mime-mapping" minOccurs="0" maxOccurs="unbounded" type="mime-mappingType" />
<xs:element name="welcome-file" minOccurs="0" maxOccurs="unbounded" type="xs:string" />
</xs:sequence>
</xs:complexType>
<xs:complexType name="static-resourcesType">
<xs:attribute name="listings" default="false" type="xs:boolean" />
<xs:attribute name="sendfile" default="49152" />
<xs:attribute name="file-encoding" />
<xs:attribute name="read-only" default="true" type="xs:boolean" />
<xs:attribute name="webdav" default="false" type="xs:boolean" />
<xs:attribute name="secret" />
<xs:attribute name="max-depth" default="3" />
<xs:attribute name="disabled" default="false" type="xs:boolean" />
</xs:complexType>
<xs:complexType name="jsp-configurationType">
<xs:attribute name="development" default="false" type="xs:boolean" />
<xs:attribute name="disabled" default="false" type="xs:boolean" />
<xs:attribute name="keep-generated" default="true" type="xs:boolean" />
<xs:attribute name="trim-spaces" default="false" type="xs:boolean" />
<xs:attribute name="tag-pooling" default="true" type="xs:boolean" />
<xs:attribute name="mapped-file" default="true" type="xs:boolean" />
<xs:attribute name="check-interval" default="0" />
<xs:attribute name="modification-test-interval" default="4" />
<xs:attribute name="recompile-on-fail" default="false" type="xs:boolean" />
<xs:attribute name="smap" default="true" type="xs:boolean" />
<xs:attribute name="dump-smap" default="false" type="xs:boolean" />
<xs:attribute name="generate-strings-as-char-arrays" default="false" type="xs:boolean" />
<xs:attribute name="error-on-use-bean-invalid-class-attribute" default="false" type="xs:boolean" />
<xs:attribute name="scratch-dir" />
<xs:attribute name="source-vm" default="1.5" />
<xs:attribute name="target-vm" default="1.5" />
<xs:attribute name="java-encoding" default="UTF8" />
<xs:attribute name="x-powered-by" default="true" type="xs:boolean" />
<xs:attribute name="display-source-fragment" default="true" type="xs:boolean" />
</xs:complexType>
<xs:element name="connector">
<xs:complexType>
<xs:sequence>
<xs:element name="ssl" type="sslType" minOccurs="0" maxOccurs="1"/>
<xs:element name="virtual-server" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="name" type="xs:string" use="required" />
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attributeGroup ref="web-connector-attlist" />
</xs:complexType>
</xs:element>
<xs:attributeGroup name="web-connector-attlist">
<xs:attribute name="name" use="required" />
<xs:attribute name="protocol" use="required" />
<xs:attribute name="scheme" use="required" />
<xs:attribute name="socket-binding" use="required" />
<xs:attribute name="enable-lookups" default="false" type="xs:boolean" />
<xs:attribute name="proxy-name" />
<xs:attribute name="proxy-port" />
<xs:attribute name="redirect-port" />
<xs:attribute name="secure" default="false" type="xs:boolean" />
<xs:attribute name="max-post-size" />
<xs:attribute name="max-save-post-size" />
<xs:attribute name="enabled" default="true" type="xs:boolean" />
<xs:attribute name="executor" type="xs:string" />
<xs:attribute name="max-connections" />
</xs:attributeGroup>
<xs:element name="virtual-server">
<xs:complexType>
<xs:sequence>
<xs:element name="alias" minOccurs="0" maxOccurs="unbounded">
<xs:annotation>
<xs:documentation>Vhost aliases</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:attribute name="name" type="xs:string" use="required" />
</xs:complexType>
</xs:element>
<xs:element name="access-log" minOccurs="0" type="http-access-logType" />
<xs:element name="rewrite" minOccurs="0" type="http-rewriteType" />
<xs:element name="sso" minOccurs="0" maxOccurs="1" type="ssoType" />
<xs:element minOccurs="0" maxOccurs="unbounded" ref="valve" />
</xs:sequence>
<xs:attributeGroup ref="virtual-server-attlist" />
</xs:complexType>
</xs:element>
<xs:attributeGroup name="virtual-server-attlist">
<xs:attribute name="name" use="required">
<xs:annotation>
<xs:documentation>Main vhost name</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="enable-welcome-root" type="xs:boolean">
<xs:annotation>
<xs:documentation>Whether or not the bundled welcome directory is used as the root web context</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="default-web-module" default="ROOT.war" />
</xs:attributeGroup>
<xs:complexType name="http-access-logType">
<xs:sequence>
<xs:element name="directory" type="directoryType" />
</xs:sequence>
<xs:attribute name="pattern" default="common" />
<xs:attribute name="resolve-hosts" default="false" type="xs:boolean" />
<xs:attribute name="extended" default="false" type="xs:boolean" />
<xs:attribute name="prefix" default="access_log." />
<xs:attribute name="rotate" default="true" type="xs:boolean" />
</xs:complexType>
<xs:complexType name="ssoType">
<xs:attribute name="cache-container" type="xs:string">
<xs:annotation>
<xs:documentation>
<![CDATA[
Name of the cache container to use for clusterised sso
]]>
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="cache-name" type="xs:string">
<xs:annotation>
<xs:documentation>
<![CDATA[
Name of the cache to use for clusterised sso
]]>
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="domain" type="xs:string">
<xs:annotation>
<xs:documentation>
<![CDATA[
Cookie domain to use.
]]>
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="reauthenticate" type="xs:boolean">
<xs:annotation>
<xs:documentation>
<![CDATA[
Each request should cause a reauthentication.
]]>
</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
<xs:complexType name="http-rewriteType">
<xs:sequence>
<xs:element name="condition" type="rewrite-conditionType" />
</xs:sequence>
<xs:attribute name="name" use="optional">
<xs:annotation>
<xs:documentation>
<![CDATA[
Name of this rule
]]>
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="pattern" use="required">
<xs:annotation>
<xs:documentation>
<![CDATA[
Pattern is a perl compatible regular expression, which is applied to the current URL
]]>
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="substitution" use="required">
<xs:annotation>
<xs:documentation>
<![CDATA[
The substitution of a rewrite rule is the string which is substituted for (or replaces)
the original URL which Pattern matched
]]>
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="flags" use="required">
<xs:annotation>
<xs:documentation>Substitution options</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
<xs:complexType name="rewrite-conditionType">
<xs:attribute name="name" use="optional">
<xs:annotation>
<xs:documentation>
<![CDATA[
Name of this rule
]]>
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="test" use="required">
<xs:annotation>
<xs:documentation>
<![CDATA[
The test string is first evaluated, before being matched against the specified pattern
]]>
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="pattern" use="required">
<xs:annotation>
<xs:documentation>
<![CDATA[
CondPattern is the condition pattern, a regular expression which is applied to the
current instance of the test string
]]>
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="flags" use="required">
<xs:annotation>
<xs:documentation>Matching options</xs:documentation>
</xs:annotation>
</xs:attribute>
</xs:complexType>
<xs:complexType name="directoryType">
<xs:annotation>
<xs:documentation>
<![CDATA[
The "relative-to" references a global path configuration in the domain model.
The "path" is the directory based on the referenced path. If "path" is not
set, the name of the virtual-server is used.
]]>
</xs:documentation>
</xs:annotation>
<xs:attribute name="path" type="xs:string" use="optional" />
<xs:attribute name="relative-to" type="xs:string" use="optional" default="jboss.server.log.dir" />
</xs:complexType>
<xs:complexType name="mime-mappingType">
<xs:attribute name="name" use="required"/>
<xs:attribute name="value" use="optional"/>
</xs:complexType>
<!-- general SSL definitions -->
<xs:complexType name="sslType">
<xs:annotation>
<xs:documentation>Configuration information for one SSL configuration.</xs:documentation>
</xs:annotation>
<xs:attribute name="name" type="xs:string" use="required"/>
<xs:attribute name="key-alias" type="xs:string"/>
<xs:attribute name="password">
<xs:annotation>
<xs:documentation>Password for both keystore</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="certificate-key-file" default="${user.home}/.keystore">
<xs:annotation>
<xs:documentation>
When using JSSE that could be the only file, with OpenSSL there several files
Additionally we should have a logic to find the type of the file (PEM, PKCS12 or JKS) before using it.
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="cipher-suite" default="ALL">
<xs:annotation>
<xs:documentation>
comma separated list of encryption ciphers the configuration is allowed to use, that MUST NOT be
the JVM default in of JSSE as contains weak ciphers.
that is SSLCipherSuite when using OpenSSL (APR).
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="protocol" default="ALL" type="SSlProtocolType"/>
<xs:attribute name="verify-client" default="none">
<xs:annotation>
<xs:documentation>
that is OpenSSL SSLVerifyClient (optional,require,optionalNoCA,none) and clientAuth (true=require/false=none)
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="verify-depth" default="10"/>
<xs:attribute name="certificate-file">
<xs:annotation>
<xs:documentation>
Only in the OpenSSL (JSSE keystore contains both key and certificate).
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="ca-certificate-file">
<xs:annotation>
<xs:documentation>
The file containing the CA certificates, truststoreFile in JSSE, note the password it same as the keystore password.
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="ca-revocation-url">
<xs:annotation>
<xs:documentation>
A file or URL to get the revocation list. (actually: crlFile is JSSE and SSLCARevocationFile in OpenSSL)
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="ca-certificate-password">
<xs:annotation>
<xs:documentation>
Password of trust store for JSE
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="keystore-type" type="JSEStoreType">
<xs:annotation>
<xs:documentation>
Type of keystore type for JSE value can be pkcs12 or jks
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="truststore-type" type="JSEStoreType">
<xs:annotation>
<xs:documentation>
Type of keystore type for JSE value can be pkcs12 or jks
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="session-cache-size" default="0"/>
<xs:attribute name="session-timeout" default="86400"/>
</xs:complexType>
<xs:simpleType name="SSlProtocolType">
<xs:restriction base="xs:token">
<xs:enumeration value="SSLv2"/>
<xs:enumeration value="SSLv3"/>
<xs:enumeration value="TLSv1"/>
<xs:enumeration value="SSLv2+SSLv3"/>
<xs:enumeration value="ALL"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="JSEStoreType">
<xs:restriction base="xs:token">
<xs:enumeration value="JKS"/>
<xs:enumeration value="PKCS12"/>
</xs:restriction>
</xs:simpleType>
<xs:element name="valve">
<xs:complexType>
<xs:sequence>
<xs:element name="param" minOccurs="0" maxOccurs="unbounded" type="paramType" />
</xs:sequence>
<xs:attribute name="class-name" type="xs:string" use="required" />
<xs:attribute name="module" type="xs:string" use="required" />
<xs:attribute name="enabled" default="true" type="xs:boolean" />
</xs:complexType>
</xs:element>
<xs:complexType name="paramType">
<xs:attribute name="param-name" use="required"/>
<xs:attribute name="param-value" use="optional"/>
</xs:complexType>
</xs:schema>